Nearly a month after Git vulnerabilities, CVE-2016-2324 and CVE-2016-2315 were made clear to Apple, they have finally been fixed. Upsetting to some, the patched version of Git was released on March 17th, but was not implemented into Xcode by Apple until about 6 weeks later. Apple released a new version of its Xcode development tool this past week, in order to patch two critical vulnerabilities in the Git source code management client. The Git vulnerabilities allow attackers to use malicious code on systems that utilized the initiated cloning operations.
Developers use Xcode to write applications for OS X and iOS as it is an integrated development environment. Xcode includes a package called the OS X Command Line Tools for Xcode, which contained the Git vulnerabilities. Now updated to 2.7.4. version, the Git with the command tools package should be back in working order. System administrators and researchers alike criticized Apple for their lack of timely attention to the patches. Left in the dark and without a patch for 6 weeks, many were forced to resort to hacking in order to disable Git within company Mac machines, not exactly the ideal solution to the problem. When it takes Apple a month and a half to implement the fix, sometimes hackery is the only viable answer.
If you would like to educate yourself in more detail about the information presented in this blog post please visit: Computer World – Apple Patches
It’s now been over a year since the release of Windows 7 and Windows Server 2008 R2, so that means it’s just about time for the first service pack. With the core operating system being based on the same code, the service pack release will be for both products. A release candidate for Service Pack 1 is available at the link below, but I highly recommend you read the FAQ’s in the link below also. Once you install the SP1 Release Candidate 1, there is no upgrade path to the released version of SP1. Consulting companies must either reinstall the operating system, or uninstall the RC version, which is likely not a clean process. As usual, this service pack is a colletion of security updates and hotfixes, but there are a few enhancements as well. The ones that caught my eye as I read through the notes are RemoteFX and Hyper-V Dynamic Memory. First, RemoteFX is an enhancement to the already revamped Remote Desktop Services in Windows Server 2008 R2. RemoteFX offers support for remote USB devices, 3D graphics and video, as well as enhanced encryption and management. The idea is to be able to provide high quality multimedia experiences in a Remote Desktop session that is similar to the experience that a user can have on their local Windows 7 computer.
Second, Hyper-V Dynamic Memory is a technology that allows a Hyper-V host to dynamically allocate memory to virtual machine guests as needed. VMWare supports overallocation of memory, which is allowing more memory to be allocated to guest virtual machines than there is physical memory. With Hyper-V, guest virtual machines could not be configured for more memory than what is available on the host. In my opinion, this was a critical shortcoming in Hyper-V and it appears that Microsoft has addressed this with Hyper-V Dynamic Memory in SP1.
It appears that we will have another 3 to 6 months before we can see SP1 released. You can use the links below to download evaluations, check out the FAQ’s and find out some more in-depth information about the new features in this release.
Hyper-V Dynamic Memory